Communication channel enhancement

ABSTRACT

A system for automatic authentication of service requests includes authentication of a remote access device. This authentication may be accomplished automatically prior to text or audio communication between a customer and a service agent. In some embodiments, authentication is accomplished automatically by authentication of the remote access device or accomplished by asking the customer questions. A single authentication of the remote access device may be used to authenticate a service request transferred between service agents. The authentication of the remote device may include, for example, use of a personal identification number, a fingerprint, a photograph, and/or a hardware identifier. Some embodiments include an intelligent pipeline configured for managing queues of customer service requests and/or customer service agent control over a customer&#39;s access device. Some embodiments include logic configured to manage and enhance communication channels between devices.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of non-provisional patentapplication Ser. No. 15/144,765 filed May 2, 2016; acontinuation-in-part of non-provisional patent application Ser. No.14/798,468 filed. Jul. 14, 2015; a continuation-in-part ofnon-provisional patent application Ser. No. 14/831,129 filed Aug. 20,2015; a continuation-in-part of non-provisional patent application Ser.No. 14/850,142 filed Sep. 10, 2015 and a continuation-in-part ofnon-provisional patent application Ser. No. 15/008,301 filed Jan. 27,2016. The disclosures of these applications are hereby incorporatedherein by reference.

BACKGROUND Field of the Invention

The invention is in the field of communications and optionally in thefield of customer management.

Related Art

Customer service is often provided by phone calls in which a customercalls a call center. A first step in such a call is typically toauthenticate the caller. When the caller is passed from one serviceprovider to another, the authentication often must be repeated.Customers and call center staff have become accustom to this process.Calls coming into a call center are sometimes identified using callerID. User accounts may or may not be indexed by phone number.

SUMMARY

The process of authenticating a caller is facilitated using capabilitiesof a client device. In some embodiments, the authentication of thecaller is achieved by automatically authenticating the client device.The authentication of the client device is optionally accomplished bycommunicating data stored or entered on the client device. This data mayinclude personal identification numbers, passwords, biometric data,and/or the like. The authentication processes can be applied to text,voice and/or video communication between a customer and a customerservice agent.

Some aspects of the invention are configured for management ofcommunication channels between client devices and customer servicesystems. For example, if a user contacts a customer service system usinga cellular telephone and an 800 telephone number, the initial contactmay be made over a cellular telephone network and be associated with acaller ID number. The Caller ID number is then used to communicate backto the cellular telephone and control an application executing therein.This application may then be used to open a second communication channelhaving enhanced functionality. In this way an initial contact via alimited communication channel (e.g., a PTSN) can be enhance to occurover a more functional communication channel (e.g., the internet). Theenhanced functionality is optionally used for authentication and/orcustomer services. However, the management of communication channels astaught herein can be applied to applications other than customerservice.

Various embodiments of the invention include a customer communicationsystem comprising: a gatekeeper configured to receive digitalidentification data and to ratify the digital identification data bycomparing the digital identification data to previously stored customerauthentication data; and a customer relationship management systemconfigured to receive a customer service request from an access deviceand to connect the customer service request to an agent interface, thecustomer relationship management system including authentication logicconfigured to authenticate a source of the customer service requestusing at least two methods, the two methods including: a) providingquestions to the agent interface and ratifying responses to thequestions and b) providing digital identification data received from thesource of the customer service request to the gatekeeper and receivingan automated ratification of the digital identification data from thegatekeeper, the customer relationship management system being furtherconfigured to provide secure customer data to the agent interface onlyafter the authentication of the source of the customer service request.

Various embodiments of the invention include an access devicecomprising: a display; a user input; an input/output configured toinitiate communication to a customer relationship management system; anauthentication agent configured to receive an authentication requestfrom a customer relationship management system and to automaticallyprovide digital identification data to a gatekeeper in response to theauthentication request, wherein the authentication request includes anidentifier of the customer relationship management system; an accesscontrol configured to limit access via the display to the authenticationagent; and a processor configured to execute at least the authenticationagent.

Various embodiments of the invention include a method of managing acustomer service request, the method comprising: receiving the customerservice request from a remote access device; automatically sending anauthentication request to the access device; receiving digitalidentification data from the access device in response to theauthentication request; providing the digital identification data to agatekeeper; receiving from the gatekeeper a ratification of the digitalidentification data; providing permission to discuss or access securecustomer data, the permission being provided to an agent interface inresponse to receiving the ratification, the agent interface beingconfigured for audio, text or video communication between a customersupport agent and the access device.

Various embodiments of the invention include a customer relationshipmanagement system comprising authentication logic configured toautomatically authenticate a source of a customer service request usingdigital identification data received from the source of the customerservice request; and pipeline logic including: agent assignment logicconfigured to assign a customer service agent to a request pipeline,sorting logic configured to place the customer service request into therequest pipeline, and ordering logic configured to maintain an order ofcustomer service requests in the request pipeline.

Various embodiments of the invention include a method of processing acustomer service request, the method comprising: receiving a customerservice request; authenticating a source of the customer servicerequest; selecting a request pipeline for placement of the customerservice request in a request pipeline, the selection being based on theauthentication of the source; selecting an advertisement based on theauthentication of the source; and providing the service requested in thecustomer service, provision of the service being based on informationonly available because the source is authenticated.

Various embodiments of the invention include a communication systemcomprising: a customer service management system including an agentinterface configured for a human agent to initiate a request forinformation from a customer, and request logic configured to send therequest to the customer and to receive a response to the request, therequest including a command; and an access device including an I/Oconfigured for the access device to communicate with the customerservice management system via a communication system, a displayconfigured to present information to the customer, application logicconfigured to receive the request from the customer service managementsystem, to activate a user input of the access device in response to thecommand, to display the information to the customer in response to thecommand, to receive input from the customer in response to theinformation, and to send the response to the request to the customerservice management system in response to the input from the customer,and a processor configured to execute at least the application logic.The customer service management system and the access device areoptionally included independently in different embodiments.

Various embodiments of the invention include a method of processing acustomer service request, the method comprising: receiving a requestfrom a remote client; sending a command to an application on the remoteclient, the application configured to request input from a user of theremote client in response to the command, the command configured toactivate a user input device on the remote client and being sent inresponse to an action by a human agent; receiving the requested inputfrom the remote client in response to the command; and providing aservice to the user in response to the requested input.

Various embodiments of the invention include a communication serverdevice comprising an interface. The interface may be an agent interfaceconfigured for a human agent to communicate between the agent interfaceand a remote client. Alternatively, the interface may be an API tocomputing instructions configured to perform processing in conjunctionwith an application executing on a remote client. These embodimentsfurther include enhancement logic configured to receive a communicationfrom the remote client via a first communication channel and to executeapplication logic on the remote client, the application logic beingconfigured to open a second communication channel, optionally using anidentifier of the remote client. The second communication channel may bebetween the remote client and the server device or between a devicelocally connected to the remote client and the server. The secondcommunication channel optionally includes an enhanced communicationfunctionality relative to the first communication channel. Theseembodiments optionally further include account identification logicconfigured to associate the identifier of the remote client with anaccount of a user of the remote client; and a processer configured toexecute at least the enhancement logic.

Various embodiments of the invention include an access devicecomprising: an I/O configured for the access device to communicate witha remote server via at least a first communication channel and a secondcommunication channel; a display configured to present information to auser of the access device; identification logic configured to send anidentifier of the access device to the remote server via the firstcommunication channel; and application logic configured to receiveactivation data from the remote server. The activation data isconfigured to open the second communication channel between the accessdevice and the remote server or to open the second communication channelbetween a device locally connected to the access device and the remoteserver. The application logic is optionally further configured tocommunicate an identifier associated with the access device or thelocally connected device to the remote server via the secondcommunication channel. These embodiments include a processor configuredto execute at least part of the application logic.

Various embodiments of the invention include a method of communicatingbetween a remote client and a server, the method comprising: receiving afirst communication from the client at the server, via a firstcommunication channel; identifying the client based on an identifier ofthe client received via the first communication channel; sendingactivation data to the client, the activation data being configured toopen a second communication channel between the client and the server;receiving a second communication from an application executing on theclient, via the second communication channel; and communicating betweenthe client (and/or a device locally connected to the client) and theserver via the second communication channel. These embodimentsoptionally further include authenticating the client or a user of theclient using the second communication channel.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a customer communication system, according to variousembodiments of the invention.

FIG. 2 illustrates further details of an access device, according tovarious embodiments of the invention.

FIG. 3 illustrates further details of a customer relationship managementsystem, according to various embodiments of the invention.

FIG. 4 illustrates a method of managing a customer service request,according to various embodiments of the invention.

FIG. 5 illustrates further details of pipeline logic, according tovarious embodiments of the invention.

FIG. 6 illustrates request pipelines, according to various embodimentsof the invention.

FIG. 7 illustrates schedule matching, according to various embodimentsof the invention.

FIG. 8 illustrates methods of managing a customer service request,according to various embodiments of the invention.

FIG. 9 illustrates methods of enhancing a communication channel,according to various embodiments of the invention.

FIG. 10 illustrates the use of several communication channels between anaccess device and a server, according to various embodiments of theinvention.

DETAILED DESCRIPTION

Customer Relationship Management (CRM) is improved through use ofvarious embodiments of the invention. For example, authentication of theidentity of a customer may be automated as an alternative to or inaddition to manual authentication by a human customer service agent. Theautomated authentication typically increases the speed and/or securityof the authentication process. As used herein, the phrase “automaticauthentication” is an authentication that is performed by a computerand/or communication device without necessarily requiring actions by acustomer service agent. In contrast, “manual authentication” is used torefer to authentication that is performed by a service agent, forexample, by asking the customer specific questions. Both automatic andmanual authentication can include some action performed by the customer,such as entering a Personal Identification Number (PIN) or providing afingerprint.

FIG. 1 illustrates a Customer Communication System 100, according tovarious embodiments of the invention. Customer Communication System 100includes one or more Access Devices 110, (individually labeled 110A,110B, 110C, etc.). The Access Devices 110 are configured to communicatevia a Network 115 with one or more Customer Relationship Management(CRM) Systems 120, (individually labeled 120A, 120B, etc.). Network 115may be a telephone network, a computer network (e.g., the internet),and/or some other communication network. The communication includesdigital data and also optionally analog audio and/or image data. CRMSystems 120 may include features common to traditional CRM systemsavailable from companies such as Salesforce or Zendesk. However, asdescribed further herein, CRM Systems 120 includes additional uniquefeatures. In some embodiments, CRM Systems 120 are configured to operateas an interface/shell on top of a traditional CRM system.

A single customer may be associated with more than one of Access Devices110. For example, the customer may have a phone, a tablet and a personalcomputer through which they access CRM Systems 120. These devices may beused to interact with different CRM Systems 120 associated withdifferent enterprises.

Customer Communication System 100 further includes one or moreGateKeeper 125. GateKeeper 125 is configured to control (e.g., grant)access to information and resources by ratifying the authenticity ofdigital identification data. GateKeeper 125 is optionally an integralpart of CRM System 120A. However, GateKeeper 125 is illustrated as beingseparate from CRM System 120A because, in some embodiments, GateKeeper125 is configured to support multiple CRM Systems 120. For example, insome embodiments, each of CRM Systems 120 includes its own integratedGateKeeper 125.

In typical embodiments, GateKeeper 125 is specifically configured togrant access to secure customer data and/or to grant permission to usethe secure customer data. This access is granted to customer serviceagents at members of CRM Systems 120 and/or to the consumer associatedwith the customer data. For example, a human customer service agent mayonly be granted access to secure customer data after the customer and/orcustomer's Access Device 110A is authenticated. Or, the human customerservice agent may have access to the secure customer data and only begranted permission to discuss the secure customer data (with thecustomer) if the customer and/or customer's Access Device 110A isauthenticated. GateKeeper 125 includes logic configured to perform theactions described herein. This logic is embodied in hardware, firmware,and/or software stored on a non-transient computer readable medium. Insome embodiments, Gatekeeper 125 includes a microprocessor configured toexecute specific computing instructions for ratifying the digitalidentification data.

Gatekeeper 125 is configured to facilitate authentication of a customerand/or customer's Access Device 110A by automatically comparing digitalidentification data received at the time of authentication to previouslystored customer authentication data. The previously stored customerauthentication data is typically provided to Gatekeeper 125 as part ofan account establishment or update. The previously stored customerauthentication data is optionally received from a source that isautomatically or manually authenticated separately. For example, acustomer using Access Device 110A may be manually authenticated at thestart of a communication session and then the customer authenticationdata may be received from Access Device 110A during the samecommunication session. If the digital identification data matches thestored customer authentication data, the digital identification data isconsidered to be “ratified.” A request for ratification of digitalidentification data is referred to herein as a “ratification request.”For example, a ratification request may include sending the digitalidentification data to GateKeeper 125. A ratification request isdistinguished from an “authentication request” which is a request madeto an access device for digital identification data.

In various embodiments, the previously stored customer authenticationdata represents: biometric data, a password, a personal identificationnumber (PIN), fingerprint data, facial data, a rolling code generator,image data, networking data, a mobile equipment identifier (e.g.,International Mobile Equipment Identity (IMEI) number or MobileEquipment ID (MEID), a mobile phone number, a MAC address, an internetprotocol address, an Ethernet address), location data, and/or the like,or any combination thereof. The comparison made by Gatekeeper 125between the received digital identification data and the previouslystored customer authentication data may involve multiple factors. Forexample, the authentication may be a multi-factor authentication usingboth a MAC address and a fingerprint; or using both a fingerprint and alocation. In some embodiments, authentication is based on the presenceof a certificate on Access Device 110A and/or presence of a privateencryption key on Access Device 110A that is capable of encrypting partof a response. For example, data may be sent to Access Device 110A andencrypted there using a private encryption key. The encrypted data isthen returned to GateKeeper 125 where it is decrypted using an(optionally public) decryption key. Successful decryption confirmspresence of the private encryption key on Access Device 110A and, thus,achieves authentication.

In some embodiments the role of GateKeeper 125 in authentication ofmembers of Access Devices 110 is limited to ratification of digitalidentification data and reporting this ratification to authenticationlogic (discussed elsewhere herein). However, in other embodiments,GateKeeper 125 is configured to have more direct control over access tosecure customer data.

GateKeeper 125 may use a variety of approaches for controlling access tosecure customer data. In some embodiments, GateKeeper 125 is configuredto communicate specific data access keys to CRM Systems 120 in responseto successful ratification requests. In these embodiments, the dataaccess keys are used to access and/or decrypt customer data on the CRMSystems 120. The data access keys are optionally configured to betemporary such that they provide access during just one communicationsession. In some embodiments, Gatekeeper 125 is configured to functionas a bridge between part of CRM System 120A and secure customer data. Inthese embodiments, GateKeeper 125 may be configured to directly block orallow requests to access the secure customer data from CRM System 120A.For example, Gatekeeper 125 may be configured to allow different typesof queries on a database (of customer data) as a function of the levelof authentication that has been achieved. Queries may be parsed orfiltered to determine if they should be allowed. For example, a query tocustomer data for a customer using Access Device 110A may be allowedafter Access Device 110A is successfully authenticated, while a query(optionally from the same source) to customer data for a differentcustomer may be denied. The database and database management logic areoptionally included on Gatekeeper 125, or on CRM System 120A.

In another approach, Gatekeeper 125 controls access to secure customerdata using Network Access Control (NAC). NAC uses the configuration ofaccess points, such as firewalls, switches or routers to control accessto resources within a protected network. Typically, access to resourcesincluding secured customer data is only granted (from CRM Systems 120)after authentication of a member of Access Devices 110 or of a customer.The granted access may be temporary and may be granted only to aparticular customer service agent interface, e.g., access may be grantedor denied on the granularity of a particular device hosting a customerservice agent interface. This (NAC) approach provides a level ofsecurity on a network level, in which access to particular resources ona protected network is controlled. This approach is optionally used inconjunction with other access control methods disclosed herein. Forexample, NAC may be used to control access to a particular resourceincluding secure customer data and query filtering used to controlaccess to particular data records within a database.

In some embodiments, Gatekeeper 125 is configured to facilitate bothautomatic and manual authentication. For example, Gatekeeper 125 mayfirst automatically authenticate Access Device 110A and then providequestions to manually authenticate a customer using Access Device 110A.

Following authentication of a member of Access Devices 110 and/or aparticular customer, access rights are granted. These access rights caninclude, for example, the right to access secure customer dataassociated with a particular customer, the customer being previouslyassociated with the member of Access Devices 110. The access rights caninclude permission to discuss the secure customer data with thecustomer. In some embodiments, the granted access rights aretransferrable. For example, if a telephone call or chat session istransferred from one customer service agent to another customer serviceagent, some or all of the granted rights may also be transferred. Insome embodiments, manual authentication of a customer occurs once percommunication session and memory of that authentication is transferredbetween customer service agents, while automatic authentication of themember of Access Devices 110 used by the customer is repeated for everycustomer service agent involved in the communication session. Bothmanual and automatic authentication is optionally applied to acommunication session in a layered approach. The manual and automaticauthentication may be applied in parallel or serially.

Some embodiments of Customer Communication System 100 further include anAdvertising Server 130. Advertising Server 130 is optionally part of CRMSystem 120A and includes memory configured to store advertisements andlogic configured to select advertisements for delivery to members ofAccess Devices 110. For example, Advertising Server 130 may include adatabase of advertisements and a microprocessor configured usingcomputing instructions to select advertisements from the database. Theselection of advertisements is optionally based on information that isonly available after a source of a customer service request has beenauthenticated. For example, an advertisement may be selected based on anaccount balance, credit card, debit card or checking transactionhistory, history of service requests, and/or the like.

FIG. 2 illustrates further details of Access Device 110A, according tovarious embodiments of the invention. Access Device 110A can include awide variety of devices such a personal computer, smartphone, tabletdevice, wearable device, a kiosk, or the like. In some embodiments,components disclosed as being included in Access Device 110A areprovided as part of an SDK (Software Development Kit) for third partyimplementation. For example, a business may use the SDK to add thedisclosed components to their propriety mobile application. AccessDevice 110A includes an I/O 210 configured for communicating withexternal devices via Network 115. I/O 210 may comprise an antenna andcircuit configured to communicate via Bluetooth, WiFi, GSM, CDMA, orother wireless communication standard. I/O 210 may comprise a wiredcommunication port such as a USB, FireWire, or Ethernet port, and/or thelike. One example of I/O 210 includes the wireless antenna andcommunication circuits in a mobile phone. I/O 210 is optionallyconfigured for communication over multiple communication channels. Forexample, I/O 210 may be configured for communicating over a publictelephone switching network (PTSN), over the internet according toTCP/IP protocols, via short messages services (SMS) or multi-mediaservices (MMS), via wireless protocols (e.g., Wifi or Bluetooth), via acellular network, and/or the like. I/O 210 may be configured tocommunicate data packets based on Internet Protocol (IP) addressesand/or to communicate analog or digital data to telephone numbers.

Access Device 110A further includes a Display 215 configured to displaya user interface to a user of Access Device 110A. Display 215 includes atouch screen, projector, computer screen, phone screen, and/or the like.Display 215 may be built into or attached to Access Device 110A as anaccessory. Examples of Display 215 include a computer monitor attachedto a personal computer, a built in monitor of a laptop or tabletcomputer, a mobile phone screen and a head-mounted display of a pair ofsmart glasses. Display 215 is optionally connected to other parts ofAccess Device 110A by a wireless connection.

Access Device 110A optionally includes an Access Control 220. AccessControl 220 includes logic configured to restrict access to functions ofAccess Device 110A. Access Control 220 can include, for example, thelogic that requires a personal identification number (PIN) be entered ona mobile phone or the logic that requires that a password be provided tolog into an account on a personal computer. Implementations andstructures of such logic are well known in the art. When present, AccessControl 220 provides a first step in an authentication process byrequiring that a user provide their password or PIN, etc. This stepprovides assurance that the user of Access Device 110A is authorized toat least access functions on Access Device 110A.

Access Device 110A optionally includes one or more unique deviceidentifiers. These identifiers can be used to positively identify AccessDevice 110A. In some embodiments, the unique identifiers are stored inan IMEI Storage 225. IMEI Storage 225 includes a memory locationconfigured to store an International Mobile Equipment Identity number orMobile Equipment ID, or a mobile phone number. In some embodiments, theunique identifiers are stored in an Address Storage 230. Address Storage230 includes memory configured to store a MAC address, an internetprotocol address, an Ethernet address, a network address, and/or thelike. Address Storage 230 is optionally further configured to store atemporary session identifier for use in a particular communicationsession. This session identifier may be use to re-authenticate AccessDevice 110A during the particular communication session. For example, asession identifier is optionally configured for use in automaticallyreauthorizing a session as a telephone call or text session is passedfrom a first service agent to a second service agent.

Access Device 110A further includes an Authentication Agent 235.Authentication Agent 235 is configured to facilitate client-sideprocesses in support of manual and/or automatic authentication of AccessDevice 110A. For example, in some embodiments, Authentication Agent 235is configured to receive an authentication request from a CRM System120A and to automatically provide digital identification data inresponse to this request. The digital identification data may beprovided to CRM System 120A and/or GateKeeper 125. The digitalidentification data may include one of the unique identifiers stored inAddress Storage 230 and/or IMEI Storage. For example, the digitalidentifier may include a MAC address or an IMEI number. AuthenticationAgent 235 is optionally configured to post a message on Display 215requesting that a user provide a password, PIN, fingerprint, image,and/or the like.

In various embodiments, the digital identification data includesinformation provided by a user of Access Device 110A. For example, theprovided information may include a fingerprint of the user obtainedusing a Fingerprint Reader 240. Fingerprint Reader 240 is configured toscan a user's finger print and generate digital data representing thefingerprint in real-time. Fingerprint Reader 240 is optionally also partof Access Control 220. Examples of Fingerprint Reader 240 are found inmobile phones and personal computers, where they are used for login. Inanother example, the digital identification data includes informationprovided by a user using a Camera 245. This information can include aphotograph of the user or a video of the user. In some embodiments, thisinformation is assured to be in real-time. For example, the video of theuser can be assured to be a current video by requiring that the userrespond in real-time to requests or instructions from Access Device110A. The user may be requested to make certain motions or say certainwords.

In various embodiments, the digital identification data provided byAuthentication Agent 235 includes information generated using a globalpositioning system (GPS) 250. GPS 250 includes a GPS receiver and acircuit configured to determine a location based on the timing ofsignals received at the receiver. Such GPS structures are well known tobe included in, for example, mobile phones.

In various embodiments, the digital identification data provided byAuthentication Agent 235 includes information received from a DigitalKey Device 255. Digital Key Device 255 is a physical device configuredto store or generate a digital key. The digital key is optionallygenerated as a function of time based on an initial seed value. DigitalKey Device 255 is optionally a dongle configured to be physically andremovably attached to Access Device 110A. Alternatively, Digital KeyDevice 255 optionally includes a Bluetooth device configured to connectwirelessly to Access Device 110A via a secure Bluetooth connection. Inan illustrative example, Digital Key Device 255 is a Bluetooth enableddevice including a circuit configured to generate a time dependent key.When an authentication request is received from CRM System 120A,Authentication Agent 235 may be configured to automatically look forDigital Key Device 255 connected to a Bluetooth port of Access Device110A. If Digital Key Device 255 is found, then an (optionally timedependent) key is retrieved from the found Digital Key Device 255 byAuthentication Agent 235 and automatically provided in response to theauthentication request. If then proper Digital Key Device 255 is notfound, then a default (generic) key may be provided. This default keytypically will not be sufficient to achieve device authentication.

In some embodiments, part of GateKeeper 125 is included in AccessControl 220. For example, in response to an authentication request,Authentication Agent 235 may be configured to send a request for apassword, PIN or fingerprint scan to an API of Access Control 220.Access Control 220 receives this request, displays the request onDisplay 215 and receives a password, fingerprint scan or PIN from theuser. The received fingerprint scan or PIN is then ratified bycomparison with a fingerprint data or a PIN previously stored on AccessDevice 110A. Access Control 220. The logic used for this ratificationmay be considered a local part of GateKeeper 125 and is optionally thesame logic used to log into Access Device 110A. If the ratification issuccessful then Authentication Agent 235 communicates this success toCRM System 120A in the form of a ratification token such as aconfirmation variable or time dependent key. This is an example ofratification occurring on Access Device 110A, rather than elsewhere onCustomer Communication System 100.

In some embodiments, Authentication Agent 235 includes logic configuredto generate a rolling code and/or a time dependent key, based on a seedvalue. Such logic is available in a variety of access control systems,and is known to one of ordinary skill in the art.

An authentication request received from CRM System 120A typicallyincludes an identifier of CRM System 120A and/or of GateKeeper 125. Thisidentifier may be used as an address for responding to the request, ormay be used to determine a type of authentication desired. For example,an authentication request received from CRM System 120A may include anetwork address of CRM System 120A and/or a network address ofGateKeeper 125. In one embodiment, Authentication Agent 235 receivesthis information and based on the network address of CRM System 120Adetermines that authentication requires fingerprint data. AuthenticationAgent 235 obtains the required fingerprint data using Fingerprint Reader240 and then uses the network address of GateKeeper 125 to automaticallysend the required fingerprint data to GateKeeper 125. As discussedelsewhere herein, GateKeeper 125 is configured to compare thefingerprint data with data previously stored in association with aparticular account and to grant authorization for a customer serviceagent at CRM System 120A to access secure customer data, if thefingerprint data matches the previously stored data.

Access Device 110A optionally further includes Transaction Memory 260.Transaction Memory 260 includes physical digital memory and a datastructure configured to store a record of transactions made betweenAccess Device 110A and members of CRM Systems 120. This record caninclude details of customer support sessions, products or servicesacquired during the support sessions, recommendations made by serviceagents, sales of products or services, and/or the like.

In some embodiments, the transactions stored in Transaction Memory 260are used, by Advertising Server 130, to select advertisements to bepresented on Display 215. This selection may also be based on a time, alocation of Access Device 110A, and/or a user's account information(age, gender, zip code, income, etc.). The selection of an advertisementis optionally performed on a device external to Access Device 110A. Forexample, the transactions and a current location may be sent toAdvertising Server 130 via Network 115. An advertisement selected basedon this information is then provided to Access Device 110A for displayon Display 215. Authentication Agent 235 is optionally configured todisplay the advertisement when a service request is made. Theadvertisement may also be selected based on whom the service request ismade to (e.g., CRM System 120A or CRM System 120B).

In an optional Call Back Step 413, a “callback” is received at AccessDevice 110A from CRM System 120A. Call Back Step 413 is not needed, forexample, when a customer service agent is immediately available at CRMSystem 120A. The callback may occur at a scheduled time or when the nextcustomer service agent is available.

Access Device 110A optionally further includes Scheduling Logic 265.Scheduling Logic 265 is configured to facilitate scheduling a callbackfrom CRM System 120A to Access Device 110A. Such a callback may bedesirable when a customer service agent is not immediately available. Insome embodiments, Scheduling Logic 265 is configured to show anestimated wait time before a customer service agent is expected to beavailable and to provide the customer with an option of scheduling anappointment at a later time.

Scheduling Logic 265 is configured to communicate with CRM System 120Aand to receive information regarding expected availability times forcustomer service agents. These times may be expressed as absolute times(e.g., 3:35 PM EST) or relative times (e.g. in 20 min). Severalalternative times may be provided and presented to a user as a list onDisplay 215 or audibly. In some embodiments, Scheduling Logic 265 isconfigured to automatically receive a user's calendar data, such asApple Calendar, Microsoft Outlook or Google Calendar data. SchedulingLogic 265 then uses the calendar data to identify callback times atwhich the user is free (i.e., not scheduled for something else). Inalternative embodiments, the calendar data is communicated to CRM System120A and the comparison made there. Scheduling Logic 265 is optionallyconfigured to add the callback to the user's calendar as a scheduledevent.

The availability of customer service agents for callback is optionallydependent on subject matter of the customer service request. Forexample, a request for technical assistance may be scheduled only withcustomer service agents qualified to support such requests. Theavailability of customer service agents for callback may also bedependent on scheduled work breaks (of the agents), other scheduledcallbacks, the number of agents expected to be available at that time,availability of agents who previously engaged with the user, language,and/or the like. For example, a user may request a callback from theagent who previously helped them, or may request an agent that speaksSpanish.

Access Device 110A optionally further includes Application Logic 270.Application Logic 270 includes applications optionally configured tocontrol hardware (e.g., input hardware) on Access Device 110A.Specifically, Application Logic 270 may be configured to control Camera245, Fingerprint Reader 240, Display 215, a radio, and or the like.Application Logic 270 optionally includes third party software providedby a maker of the access device or received from an independent source.Application Logic 270 is optionally configured to manage communicationsbetween Access Device 110A and other local and/or remote devices.Application Logic 270 can include one or more separate logic modulesand/or separate applications.

For example, Application Logic 270 is optionally configured to activateFingerprint Reader 240, to receive biometric data from FingerprintReader 240, and to communicate the biometric data to CRM System 120A.Alternatively, Application Logic 270 may be configured to receivebiometric data from Fingerprint Reader 240 and process this data toverify identity of the user and report this verification to CRM System120A. In another example, Application Logic 270 may be configured toactivate Camera 245 for the purposes of taking a photograph or video.Application Logic 270 may process the photograph and/or send thephotograph to CRM System 120A. For example, in various embodimentsApplication Logic 270 is configured to identify an object in aphotograph, perform optical character recognition on a photograph,and/or read a barcode within a photograph. The results of theseprocesses may be sent to CRM System 120A.

In some embodiments Application Logic 270 is configured to receive arequest for information from CRM System 120A and to display/present amenu on Display 215 in response to this request. The menu may becustomized by Application Logic 270 or prior to being received byApplication Logic 270. The customization is according to a “menucustomization,” which is an entire customized menu or a set of changesto a default or prior menu. The menu is displayed to the user and aselection among elements of the menu is received from the user of AccessDevice 110A. For example, a customer may select an element from the menuusing a touch screen of Display 215. The menu is optionally hierarchicaland the customization of the menu can include variations to the contentsof specific menu items, the hierarchical structure of the menu, and/orthe presence of specific menu items. Customized menus may be visualand/or audio.

A menu customization can include more than just a list of menu items.For example, a menu customization can selectable menu objects includingbutton, links, active icons, etc., which control operation ofApplication Logic 270. Both the presence of objects and theirfunctionality can be customized. For example, a customer service agentmay directly select, from a plurality of alternatives, the functionalitythat would be activated by selecting (e.g., clicking on) particular menuitems. In an illustrative example, a customer service agent may selectin real time how a menu item “make a new reservation” controls theoperation of Application Logic 270 based on an ongoing conversation/textbetween the user and the customer service agent. In one alternative theuser is directed to a standard reservation system and in anotheralternative the user is directed to a VIP reservation system and/or getsa reservation that has been discussed with the customer service agent.

In various embodiments, the menu customization can be based on a widevariety of criteria. For example, in some embodiments menu customizationis dependent on characteristics of a user (e.g., customer) using AccessDevice 110A. These can include the location of the customer, theidentity of the customer, purchase history of the customer, priorservice history of the customer, authentication of the customer, genderof the customer, and/or the like. The menu customization can be based onany of the criteria taught to be used for pipeline selection elsewhereherein. For example, a customer may receive a menu customized to alocation of the customer where the location is that of a shopping mall,an airport, a train station, a bus station, a hotel, a conventioncenter, a city, a street, and/or the like. The customer may receive amenu customized based on their wealth, on an account value, on the lastcustomer service agent they interacted with, on their previous menuselections, and/or the like. A customer may receive a different menucustomization after authentication of the customer and/or Access Device110A, relative to before authentication. Specifically, an authenticatedcustomer may receive a menu having added options relative to anon-authenticated customer. In some embodiments, a menu customization isresponsive to input from a customer service agent. For example, acustomer service agent may be able to specify all or part of a menucustomization in real-time during a communication session between thecustomer service agent and a user of Access Device 110A.

In some embodiments, menu customizations are configured for A/B testing.A/B testing is a process in which at least two variants (A and B) arecompared based on one or more performance criteria. A/B testing is usedin an iterative process to optimize performance according to thecriteria. Typically, A/B testing is applied to webpages. However,embodiments of the invention include A/B testing for menus. The testingmay include menu structure and/or menu content. Specifically, menucustomizations can include multiple variants of a menu provided todifferent users, the performance of which is then measured. Menucustomizations may be changed in an iterative process for progressiveimprovement of the menu. The criteria by which performance is measuredcan include, for example, the accuracy of menu selections, how long theuser spends traversing the menu, time taken by a customer service agentfollowing the menu selections, how often a customer service agent has toredirect a customer service request, and/or the like. The menucustomization can be responsive to any known A/B testing algorithm, andmay be audio and/or visual.

In some embodiments, menu customizations are related to a specificcustomer service agent. For example, if a customer has previously workedwith a particular customer agent, a menu may be adapted to allow thecustomer to request that specific agent, or adapted based on input bythat agent. For example, the agent may provide input indicating that thecustomer should get express and/or specific help, that the customerneeds specific types of services, types of problems being experienced bythe customer, events impacting the customer, outcome of a previouscustomer service request, mood of the customer, hardware used by thecustomer, and/or the like. In a specific example, a customer serviceagent may indicate that a customer was dissatisfied with a product orservice and a menu customization may include an option to be connecteddirectly with a supervisor or to obtain a return authorization number.In another example, a customer service agent may learn that a customermissed a flight and a menu customization generated in response to thisindication may include menu options related to rescheduling the flight.

The customer service agent may cause Application Logic 270 to display amenu of alternative flights for rebooking on Display 215, rather thanhaving to orally discuss each option with the customer. Such real-timedisplay of the menu can occur during the conversation between thecustomer service agent and the customer, under the control of thecustomer service agent. The menu customization is populated with thealternative flights automatically and/or under manual control of thecustomer service agent. For example, the customer may specify (e.g.,verbally) that they are satisfied with staying at a hotel for the nightand flying in the morning. The customer service agent can then selecthotel options and flight options from a list for inclusion in a menucustomization to be delivered to Access Device 110A.

In some embodiments menu customizations are related to an order historyof a customer. For example, a menu customization may relate to aspecific item recently shipped or a service recently provided. Suchcustomization may be automatic and/or performed in real-time.

Menu customization can be responsive to the status of a customer servicepipeline, real-time availabilities of customer service agents, thestatus of a particular customer service agent, and/or an estimate of anamount of time before a user may be connected to a customer serviceagent. For example, if customer service agents having a specificexpertise are available, then a menu may be customized to include anoption for service related to the specific expertise. In a more specificexample, if a customer service agent able to speak Russian is available,then a menu may be customized to include an option for communication inRussian. Likewise, when the expected wait time for one or more customerservice pipelines is longer (relative to other times) the menu may becustomized to provide more options for the customer to help themselvesand/or schedule a callback. This and other menu customization can beperformed in real-time, e.g., in response to a current state of acustomer service pipeline or other criteria.

Menu customization is optionally responsive to a particular event. Forexample, the CRM System 120A may receive real-time event informationand/or an identifier of a real-time event, and in response generate amenu customization based on that information. In an illustrativeexample, if an airline flight is cancelled, CRM System 120A may receivea notice of this event from an aircraft scheduling system.Alternatively, a customer may be notified that their flight has beencancelled or delayed, the notice including an identifier of this event.The customer can then make a request for service to CRM System 120A, therequest including the identifier.

A menu customization is generated in response to the event. The menucustomization including changes in menu structure and/or contents inresponse to the event. For example, where the event is a flightcancellation the menu customization may add a menu option for schedulinga different flight or making a hotel reservation. Similar approaches toreal-time menu customization may be made in response to events such as achange in stock price, a change in a travel schedule, a weather event, atraffic event, a change in vehicle status (e.g., crash, location, delay,occupancy, etc.), a change in temperature, an alarm trigger, a loss ofcommunication signal, a financial transaction, availability of test(e.g., medical) results, completion of a service (e.g., car repair), afinancial discount, a business offering (e.g., flash sale), and/or thelike.

Application Logic 270 is optionally configured to receive a notice of anevent, such as any of the events discussed herein. The notice may bereceived from Advertising System 130, CRM System 120A, from another oneof Access Devices 110, or from a third party. The event notice caninclude a simple identifier, e.g., “event 6 has occurred,” oralternatively can include data and/or metadata concerning an event. Forexample, an even notice can include the cancellation of a flight andflight details, the availability of a business offering and product andpricing details, and/or the like. The event may be real-time, e.g., theevent notice may be received as the event is occurring or during a timeinterval immediately following an event.

Application Logic 270 is optionally configured to present the event to auser using Display 215 and/or to automatically generate a servicerequest in response to the event. For example, Application Logic 270 mayreceive an event related to delayed delivery of an ordered product,display information regarding the event to a user via Display 215 andgenerate a menu customization including options for responding to thisevent. The options for responding to the event optionally include makinga customer service request to CRM System 120A. The type of request(e.g., callback, voice call, text or e-mail) and menu customization maybe dependent on the availability of customer service agents and thenumber of Access Devices 110 to which the notice has been sent.

In a specific example, a medical test result may become available, anotice of this result sent to Access Device 110B where informationregarding the result is presented to a user. The information isaccompanied by a customized menu that provides the user with options formaking a doctor appointment or scheduling a call with the doctor. Theseoptions may be responsive to the doctor's schedule.

In another specific example, a flight is cancelled or overbooked, noticeof the cancellation or overbooking is sent (in real-time) from a flightscheduling system to both CRM System 120A and a plurality of AccessDevices 110. At CRM System 120A the event notice is used to increase thenumber of available customer service agents and/or to advise a set ofcustomer service agents of details of the cancellation. At each ofAccess Devices 110 the event notice is used to inform users that theflight has been cancelled and to provide a menu of options, such asalternative flights, hotels and customer service. The menu of options iscustomized in real-time and the customization may be responsive tolocation of user, identity of flight cancelled, VIP status of user,availability of alternatives flight arrangements, a callback schedule,price paid for the cancelled flight, prior purchase of flight insurance,customer service agent availability, and/or any of the other criteriadiscussed herein. In some embodiments, users are provided with a menucustomization that includes a call-back option or other option dependenton a schedule. For example, menu options can be dependent on a customerservice agent availability schedule or a flight schedule. Times forcall-back presented in the menu can be selected to fit the schedule soas to efficiently distribute service calls over a set of customerservice agents. Priority for call-backs can be determined based on anyof the wide range of factors discussed herein. For example, a menucustomization and/or call-back schedule may be configured such that acustomer that paid more for a ticket or purchased flight insurance getsfirst chance at rescheduling on alternative flights.

Application Logic 270 is optionally further configured to manageenhancement of a communication channel. For example, Application Logic270 is optionally configured to receive activation data from CRM System120A or some other remote device. The activation data includes one ormore commands to cause Application Logic 270 to open a second (new)communication channel. The second communication channel may be betweenAccess Device 110A and CRM System 120A, or in some embodiments, betweena device locally connected to Access Device 110A and CRM System 120A. Asused herein, the term “locally connected” is used to refer to devicesthat are connected on a local network, such as devices connected by ahome router. Examples of locally connected devices include a television,cellular phone and climate control system in communication with eachother via a Wifi or Bluetooth enabled modem.

Typically, the activation data is sent to Access Device 110A (or adevice connected thereto) using an identifier of Access Device 110A orthe connected device. Examples of such identifiers are discussedelsewhere herein. However, in one example, a caller ID of Access Device110A is received at CRM System 120A as a result of a telephone call fromAccess Device 110A to CRM System 120A. This caller ID is then used tocommunicate the activation data from CRM System 120A to Access Device110A. In some embodiments, the telephone call is made using a firstcommunication channel (e.g., a voice channel of the cellular telephonenetwork) and the caller ID is used to communicate back to Access Device110A via a different channel (e.g., an SMS or MMS channel). Theactivation data may include a link, command string, communicationparameters, the identifier of Access Device 110A, an identifier of alocally connected device, an identifier of CRM System 120A, and/or asession ID. In some embodiments, a user of Access Device 110A isrequired to select, e.g., click on, a representation of the activationdata in order to permit the activation data to control Application Logic270.

Application Logic 270 may be configured to send the identifier of AccessDevice 110A (that was used to receive the activation data) or some otheridentifier (e.g., a session ID) of the communication session establishedin the first communication channel to CRM System 120A. Further, asdescribed elsewhere herein, Access Device 110A can have stored therein avariety of additional device and/or user account identifiers. Thesedevice and/or user account identifiers are optionally also communicatedto CRM System 120A. For example, Application Logic 270 may send an IMEInumber, a user account identifier (name, e-mail, etc.) using the secondcommunication channel opened in response to the activation data. Asdiscussed further elsewhere herein, these data may be used to associatea user's telephone number with an account that was previously indexedusing just a user name or e-mail address. In some embodiments theinformation communicated to CRM System 120A via the second communicationchannel includes an identifier or address of a device locally connectedto Access Device 110A. For example, the address of a television set ormodem connected to Access Device 110A (by wire or wirelessly) may besent to CRM System 120A.

The activation data is optionally received via a third communicationchannel, separate from the first communication channel and the second(new) communication channel opened in response to the activation data.(The “first,” “second” and “third” are not chronologic designations.)For example, the first communication channel may be a voice channel, thesecond communication channel may be a secure Internet session (usingSSL) and the third communication channel may be an SMS or MMS datachannel. The second communication channel may have an enhancedcommunication functionality relative to the first communication channel.“Enhanced communication functionality,” as used herein, is meant to meana larger and/or more useful set of communication functions. For example,enhanced communication functionality can include an ability to send datausing packets via TCP/IP protocols, to send data to internet protocoladdresses, to communicate video, to communicate digital commands toApplication Logic 270, to communicate over a secure connection, tocommunicate over an authenticated connection, and/or the like. If thefirst communication channel is capable of communicating the activationdata, e.g., the first contact to CRM System 120A from Access Device 110Ais via text message, then a third communication channel may not beneeded. In one example, the first communication channel is notconfigured for performing the various secure communications required (asdiscussed elsewhere herein) for authentication of Access Device 110A,and the second communication channel is configured for performing thesecommunications. In another example, the first communication channel isnot configured to communicate digital commands between Access Device110A and CRM System 120A, and the second communication channel isconfigured to communicate digital commands between Access Device 110Aand CRM System 120A. In another example, the first communication channelis not configured for controlling Application Logic 270 from CRM System120A and the second communication channel is configured for controllingApplication Logic 270 from CRM System 120A. In another example, thefirst communication channel is not configured for communicating betweenApplication Logic 270 and an API of CRM System 120A, and the secondcommunication channel is configured for communicating betweenApplication Logic 270 and an API of CRM System 120A.

Access Device 110A optionally further includes Identification Logic 275configured to send an identifier of Access Device 110A to a remoteserver (e.g., CRM System 120A) via the first communication channel. Theidentifier of Access Device 110A can be a SMS address, an MMS address, acaller ID number, an IP address, a MAC address, and/or the like. In oneexample, Identification Logic 275 is configured to read an accountidentifier and/or an identifier of Access Device 110A from memory withinAccess Device 110A. Identification Logic 275 is optional in embodimentswhere this functionality is part of Network 115. For example, a callerID number may be generated by a PTSN or a cellular network switch ratherthan by a mobile device connected to these networks.

Access Device 110A further includes a Processor 290. Processor 290 is adigital microprocessor configured to execute computer instructionswithin Access Device 110A. For example, Processor 290 is typicallyconfigured to execute at least part of Authentication Agent 235,Scheduling Logic 265, and/or Application Logic 270.

Authentication Agent 235 includes hardware, firmware and/or softwarestored on a non-transient computer readable medium. For example, in someembodiments, Authentication Agent 235 includes a software applicationdownloaded and installed on Access Device 110A. More specifically,Authentication Agent 235 may include an application downloaded onto asmart phone or other mobile device. Authentication Agent 235 isoptionally configured to encrypt the digital identification data suchthat the digital identification data is communicated to CRM System 120Aand/or GateKeeper 125 in an encrypted form.

FIG. 3 illustrates further details of Customer Relationship Management(CRM) System 120A, according to various embodiments of the invention.CRM System 120A may be part of an enterprise computer system configuredfor management of call centers. This enterprise system are optionallycloud based (e.g., Software as a Service—SaaS) and can include featuressuch as call routing, call queuing, service agent interfaces and accessto client data. CRM System 120A comprises one or more computing devicesand is optionally distributed among multiple locations. As discussedelsewhere herein, GateKeeper 125 is optionally disposed within CRMSystem 120A, and this instance of GateKeeper 125 may be configured toadditionally support CRM System 120B. In alternative architectures, eachof CRM Systems 120 may include their own instance of GateKeeper 125, ora GateKeeper 125 (external to any of CRM Systems 120) may be configuredto support multiple CRM Systems 120.

CRM System 120A further includes a Client Data Storage 310 configured tostore client data. This client data can include secure customer dataand/or less-secure customer data. The secure customer data is typicallystored in relation to particular accounts and can include informationsuch as account numbers, balances, transaction authorization keys,customer history, orders, medical information, social security numbers,etc. Client Data Storage 310 includes a physical computer readablestorage media such as a hard drive or optical drive. Client Data Storage310 may also include a relational database and a database managementsystem. The database management system is optionally configured torequire keys confirming authentication before some secure customer datacan be retrieved. In some embodiments, Client Data Storage 310 is remoterelative to one or more other parts of CRM System 120A and/or isaccessible via Network 115 or a private communication network.

CRM System 120A further includes Authentication Logic 320 configured toauthenticate a source of a customer service request, e.g., toauthenticate Access Device 110A. Authentication Logic 320 is configuredfor this task by including logic to, for example, receive a customerservice request from Access Device 110A, determine that the customerservice request may require access to secure customer data, send aauthentication request for digital identification data to Access Device110A, receive the requested digital identification data and forward thedigital identification data to GateKeeper 125. As discussed elsewhereherein, GateKeeper 125 is configured to ratify the digitalidentification data by comparing the received digital identificationdata and previously stored customer authentication data, and based onthis comparison approve or disallow the authentication of Access Device110A. The authentication is typically associated with a particularaccount and secure customer data within that account. In someembodiments, Access Device 110A must have previously been registered asan authorized access device for the particular account. If theauthentication is approved, the approval is communicated toAuthentication Logic 320.

The authentication may be communicated to Authentication Logic 320 bysetting of a flag, providing an access key, providing query access toClient Data Storage 310, returning a variable indicating success, and/orthe like. In some embodiments, once Access Device 110A is authenticatedfor a particular communication session it is assigned a sessionidentifier (ID). The session ID includes a value that may be used toautomatically re-authenticate Access Device 110A if the connectionbetween Access Device 110A and a first service agent on CRM System 120Ais transferred to a second (or additional) service agent on CRM System120A. The session ID is optionally provided to Authentication Agent 235for this purpose. Typically, once the communication session is concludedprivileges of the session ID are cancelled such that it cannot be reusedto authenticate any of Access Devices 110.

In some embodiments, Authentication Logic 320 is configured toauthenticate one of Access Devices 110 using at least two methods. Afirst of these methods optionally being a “manual” method involving aservice agent. For example, in the manual method Authentication Logic320 may provide the service agent a series of questions to be asked bythe service agent and to be answered by a user of Access Device 110A.The answers provided by the user are then compared to answers to thequestions previously provided by the user or to data the user shouldhave knowledge of. This comparison can be made by the service agent orby Authentication Logic 320. A second of these methods is, as discussedelsewhere herein, by providing digital identification data received fromthe one of Access Devices 110 to GateKeeper 125 and automaticallyreceiving a ratification of the digital identification data fromGateKeeper 125. The two methods of authenticating one of Access Devices110 can be applied in parallel or serially.

CRM System 120A further includes one or more Agent Interface 330. AgentInterface 330 includes logic configured to generate and operate agraphical user interface having fields for presenting data to a customerservice agent, and for the customer service agent to enter commands. Thegraphical user interface is optionally based on HTML or similarlanguage. In some embodiments, Agent Interface 330 is configured tovisually mark data secure customer data that is not authorized forcommunication to a user of Access Device 110A. Once Access Device 110Ais authenticated for a particular communication session, the visualmarkings on the secure customer data may be removed as an indication tothe customer service agent that the data can be discussed with the userof Access Device 110A. Note that, while the examples presented hereindiscuss granting or not granting a customer service agent access tosecure customer data. In alternative embodiments, the customer serviceagent may have access to this data by default and what is granted or notgranted is permission for the customer service agent to communicate thisdata to a member of Access Devices 110. The examples provided areintended to apply to both granting of access and granting of permission.

In alternative embodiments, Agent Interface 330 is replaced by an API(Application Program Interface) to computer instructions configured toautomatically provide functionality of a human agent or some otherfunctionality. For example, Agent Interface 330 may be replaced by anAPI to an expert system or other application. In some embodiments, theAPI is server based or peer based logic configured to perform tasks incooperation with an application executing on Access Device 110A.

CRM System 120A optionally further includes Access Logic 340. AccessLogic 340 is configured to provide members of Access Devices 110 tosecure customer data after the members have be authenticated asdiscussed herein. For example, in some embodiments, Access Logic 340 maybe configured to share a view of secure customer data on both AgentInterface 330 and Access Device 110A. While screen or data sharingtechnology is well known, Access Logic 340 is distinguished by beingresponsive to whether Access Device 110A has been authenticated for aparticular communication session. For example, Access Logic 340 mayinclude computing instructions configured to block access (from AccessDevice 110A) to secure customer data or to a view of this data untilAccess Device 110A has been authenticated.

CRM System 120A optionally further includes Forwarding Logic 350.Forwarding Logic 350 is configured to transfer a communication sessionfrom a first customer service agent to a second customer service agent.For example, a user of Access Device 110A may be communicating with thefirst customer service agent and the first customer service agent wishesto transfer the user to the second customer service agent (or add thesecond customer service agent for a 3-way communication session). Oncethe second customer service agent is in communication with Access Device110A, Access Device 110A can be automatically re-authenticated usingAuthentication Logic 320 and GateKeeper 125. This re-authentication isoptionally based on a session ID. In some embodiments, Forwarding Logic350 is configured to communicate the session ID to the second customerservice agent, where it can be used for authentication be comparing witha copy of the session ID stored on Access Device 110A.

CRM System 120A optionally further includes Pipeline Logic 360. PipelineLogic 360 is configured to manage queues (pipes) of customer servicerequests and the availability of customer service agents. Queues ofcustomer service requests may be general or presorted. Presorted Queuesinclude customer service requests that satisfy criteria of the presortedqueue. For example, a presorted queue may include request related tospecific subject matter, requiring a Spanish speaking customer serviceagent, or requests assigned to a specific customer service agent.Customer service request may be placed in a specific presorted queuebased on multiple criteria. One or more customer service agents may beassigned to a specific queue.

Pipeline Logic 360 is optionally configured to calculate estimates ofcustomer service agent availability. These estimates may include whenany agent or a specific agent will next be available, estimates of howlong waits are in a queue, how many agents will be available at aspecific time, when an agent assigned to a specific queue willavailable, times for which calls can be scheduled, and/or the like. Forexample, Pipeline Logic 360 may be configured to provide to SchedulingLogic 265 an estimated wait time before a customer service agent isexpected to be available in response to a customer service requestand/or to provide information regarding expected availability times forcustomer service agents. This information may be used to schedulecallbacks. The scheduling may be performed by Scheduling Logic 265 onAccess Device 110A or by Pipeline Logic 360 on CRM System 120A. Furtherdetails of Pipeline Logic 360 are discussed elsewhere herein.

CRM System 120A optionally further includes Request Logic 365 configuredto send requests from CRM System 120A to Access Devices 110 and toreceive responses therefrom. The requests may be sent in response toentries made by a customer service agent via Agent Interface 330,automatically generated by Authentication Logic 320, and/orautomatically generated by Request Logic 365.

Requests generated by Request Logic 365 optionally include commandsconfigured to control parts of Access Device 110A via Application Logic270. For example, a request can be configured to turn on a camerafunction (e.g., of Camera 245), turn on a microphone, activateFingerprint Reader 240, make a wireless connection (e.g., via a radio inI/O 210), and/or present content on Display 215. Because the generationof requests by Request Logic 365 is optionally under the control of acustomer service agent via Agent Interface 330, the customer serviceagent may directly control these parts of Access Device 110A. Forexample, Agent Interface 330 may include an input (e.g., virtual button,form field, check box or keystroke) that allows a customer service agentto turn on the GPS, fingerprint reader, camera, screen capture function,and/or other part of on Access Device 110A. This provides control ofinput hardware and/or other hardware elements on Access Device 110A tothe remote customer service agent via CRM System 120A. In someembodiments, this also assures that these components are used properly.For example, the customer service agent's control of a fingerprintreader, via a commend sent to Application Logic 270, can provideassurance that a fingerprint provided was obtained from a user inreal-time. Likewise, if Camera 245 is controlled by a command sent in arequest from CRM System 120A then Application Logic 270 can be used toprovide assurance that an image provided back to CRM System 120A inresponse is a real-time image of a user or other object.

Requests generated by Request Logic 365 optionally include menucustomizations generated by Request Logic 365. In these instances therequests typically include a request for a menu selection from a user ofAccess Device 110A. As discussed elsewhere herein, the menucustomizations can be responsive to a wide variety of factors includingprevious responses to requests, availability of customer service agents,customer characteristics, external events, and/or the like. For example,Request Logic 365 may automatically generate a request that asks a userof Access Device 110A to select from among a menu of alternativeauthentication procedures. Request Logic 365 is optionally configuredgenerate a series of menu customizations, each dependent on each other.For example, a response to a first customized menu may be used togenerate a menu customization for a second customized menu. The secondmenu customization is optionally responsive to both an input from thecustomer service representative made after the first customized menu hasbeen delivered to Access Device 110A and a response to the firstcustomized menu received from Access Device 110A.

In an illustrative example, CRM System 120A and Access Device 110A areused to refill prescriptions. Application Logic 270 is used to send aninitial customer service request to CRM System 120A. In response, CRMSystem automatically generates a request to Access Device 110A forauthentication. As discussed elsewhere herein the authentication caninclude use of input hardware on Access Device 110 to answerauthentication questions, evaluate a certificate on Access Device 110A,capture of an authentication image, obtain biometric data regarding auser of Access Device 110, and/or the like. In response to successfulauthentication, Request Logic 315 is used to generate a menucustomization based on characteristics of the authenticated user. Thismenu customization can include, for example, a checklist of currentprescriptions, medical tests, and/or doctor appointment information. Themenu customization is presented on Display 215 as a new menu or amodification of a default menu. The user of Access Device 110A can thenselect from the menu to, for example, refill a particular prescription(for mail or pickup) and schedule a doctor appointment.

In another illustrative example, CRM System 120A and Access Device 110Aare used to confirm and/or authorize a financial transaction. Forexample, if a user of Access Device 110A places an order on a website,the systems discussed herein can be used to present the user withdetails, terms and conditions of the financial transaction. Such anexchange can involve a customer service agent using Agent Interface 330.Further, the confirmation or authorization can be for a transactionverbally communicated between the user and customer service agent. Theinvolvement of a customer service agent and the agent's ability to do sodistinguishes the confirmation or authorization from those financialtransactions entered purely through a web interface.

For example, in some embodiments, a user makes a customer servicerequest through Application Logic 270 for a purchase or sale of companystock. This request is optionally in response to a notice regardingstock price changes. In response to this request, the user is firstauthenticated using systems and methods described elsewhere herein. Theuser and customer service agent are then connected in an audio and/orvideo communication channel. Images and/or voice of the user andcustomer service agent are communicated between Access Device 110A andCRM System 210A. The user can verbally (and/or via text) ask questionsof the customer service agent and can also place orders for stocktransactions. At any time in the exchange between these two parties, thecustomer service agent can send a confirmation request to ApplicationLogic 270, which displays the request on Display 215 and waits for aresponse to the user. The confirmation request can include transactiondetails as entered by the customer service agent and can require abiometric response, e.g., a fingerprint scan or voice statement. Theconfirmation request is optionally initiated by the customer serviceagent using a control on Agent Interface 330. As noted elsewhere herein,the request can include a command configured to cause Application Logic270 to activate input hardware on Access Device 110A.

In other embodiments, examples of confirmation/authentication requestsinitiated by a customer service agent, where timing of the request iscontrolled by the agent, include: requesting of pictures in an insuranceclaim, requesting accesses to a security camera in a home or business,providing terms and conditionings, asking for text input if audio/voiceis unclear, asking permission to access tethered devices (e.g., overWiFi, Bluetooth, and/or cable), and/or the like. Examples of things thatmay be requested by a customer service agent via Agent Interface 330include: a screen capture, location data, contents of Display 215, animage, fingerprint, approval of terms and conditions, or order details,biometric data, personal questions, electronic signature, voicestatement, microphone activation, camera activation, radio information(e.g., WiFi address or MAC address), fingerprint scanner activation,device movement, and/or the like. In some embodiments, the requestedinformation is provided to the customer service agent via AgentInterface 330. In some embodiments, the requested information isremotely processed. For example, answers to personal questions used toauthenticate a user may be compared with previously stored answers byApplication Logic 270, by a different agent, by a separate computingdevice, etc. This preserves privacy be preventing the answers from beingdirectly observed by the customer service agent interacting with theuser.

In some embodiments, a customer service agent may initiate a request viaAgent Interface 330 that is not necessarily presented on Display 215and/or requires input from a source other than the user of Access Device110A. For example, a customer service agent may request data stored onAccess Device 110A and/or from hardware in communication with AccessDevice 110A. Such hardware can include a cable box, a vehicle diagnosticsystem, a thermostat, a utility meter, a global positioning system, apersonal computer, and/or the like. Such request may also be generatedautomatically by CRM System 120A.

CRM System 120A optionally further includes Notice Logic 370. NoticeLogic 370 is configured to send notices of events to Access Devices 110,e.g., to Application Logic 270 on Access Device 110A. Notice Logic 370is optionally included in CRM System 120B or in some other system. Forexample, Notice Logic 370 may be part of a third party schedulingsystem, appointment system, and/or calendaring system. Notice Logic 370is optionally configured to receive data regarding an event from asource external to CRM System 120A. For example, Notice Logic 370 mayreceive schedule changes from a scheduling system, stock prices form atrading system, and/or data from environment sensors. Notice Logic 370is optionally configured to process this information and generatenotices accordingly. For example, a user may have configured an accounton Notice Logic 370 to provide a notice in response to a stock pricemovement, a temperature reading at a thermostat, and/or location data.

Notices sent by Notice Logic 370 are optionally selectively sent basedon customer characteristics or on characteristics of customer serviceagents. For example, in response to a notice of a flight cancellation,Notice Logic 370 may send notices to users that were scheduled for thatflight. Further, VIP customers (e.g., users that paid more for theirticket) may receive notices prior to customers of lower priority. NoticeLogic 370 is optionally configured to send notices over time orprioritization and/or load balancing purposes. For example, notices of aflight cancellation may be sent at times dispersed over a predesignatedperiod (e.g., 45 minutes), thus some customers receive their noticeprior to other customers and a notice rate (e.g., notices/hour) at whichnotices are sent is controlled.

In some embodiments, Notice Logic 370 is configured to send notices toAccess Devices 110 in response to an availability of customer serviceagents at CRM Systems 120. This feature is optionally used to controlthe timing of customer service requests made to CRM System 120. Forexample, notices that are likely to result in a customer service requestcan be scheduled to be sent when customer service agents are available.If no customer service agents are currently available, or expected tobecome available in the immediate future, then notices may be delayeduntil customer service agents are likely to be available to handle theresulting customer service requests.

In a specific example, as a result of a flight cancellation Notice Logic370 may be configured to send notices of the cancellation to customersscheduled to take the cancelled flight (a characteristic of thecustomers). Higher priority customers receive notices before lowerpriority customers. Notices are sent at a notice rate such thatavailable customer service agents are able to handle the resultingcustomer service requests, without undue delay or a customer having towait on hold for too long. In some embodiments, Notice Logic 370 isconfigured to send notices including proposed callback times. Thesecallback times can be in order of customer priority and/or at timesdispersed so as to manage the call load on customer service agents.

In some embodiments, Notice Logic 370 is configured to send notices tounavailable customer service agents, requesting that they makethemselves available. For example, in response to an event such as atravel cancelation notices may be sent to the personal cell phones ofoff-duty customer service agents, requesting that they make themselvesavailable for an expected surge in customer service requests.

Notices provided by Notice Logic 370 can include a menu customized asdiscussed elsewhere herein. For example, a notice may include adescription of an event, and one or more possible customer responsesincluding alternative ways of making a customer service request. In someembodiments, the menu included in a notice includes an option toautomatically book an alternative flight or a hotel. Such menus aregenerated in real-time based on any characteristics of the customer andavailability of various response/remedy types.

CRM System 120A optionally further includes Enhancement Logic 375configured to enhance communication between CRM System 120A and AccessDevice 110A. Communication is enhanced by opening new (second)communication channels that typically have enhanced communicationfunctionality relative to initial (first) communication channels.Enhancement Logic 375 may also assist with the provision of customerservices and/or assist with authentication of Access Device 110A bysimplifying the association of a contact made via the firstcommunication channel to a user's account.

More specifically, Enhancement Logic 375 is configured to receive acommunication from Access Device 110A via a first communication channel.As discussed herein, the first communication channel may be via acellular telephone network, a PTSN, a SMS or MMS channel, and/or thelike. The first communication channel may be established by calling atelephone number associated with CRM System 120A or sending a textmessage to CRM System 120A, for example. Enhancement Logic 375 isfurther configured to execute Application Logic 270 on Access Device110A so as to open a second (new) communication channel between AccessDevice 110A and CRM System 120A.

The second communication channel is opened using an identifier of AccessDevice 110A and/or an identifier of the communication received via thefirst communication channel. For example, the second communicationchannel may be opened using data that includes a caller ID of AccessDevice 110A as well as an identifier of an account and/or user of AccessDevice 110A. Specifically, the second communication channel may beopened using a username (e.g., facebook login name), IMEI number, and/oruser e-mail previously associated with a user's account. Thisinformation may be stored on Access Device 110A and thereby accessibleto Application Logic 270. Enhancement Logic 375 is optionally configuredto request this information by sending commands to Application Logic270. The second communication channel typically has an enhancedcommunication functionality relative to the first communication channel.

The second communication channel is optionally opened between a devicelocally connected to Access Device 110A using an identifier stored onAccess Device 110A. For example, the second communication channel may beopened using an address of a television set locally connected to acellular phone. By opening the second communication channel to a locallyconnected device, the communication channel may be used to diagnoseand/or execute Application Logic 270 on the locally connected device.For example, the second communication channel may be used by a customerservice agent to capture a screen image or control a function of thelocally connected device via Agent Interface 330.

Enhancement Logic 375 is optionally configured to control ApplicationLogic 270 on Access Device 110A by sending an SMS or MMS message toApplication Logic 270. This message can include links, universalresource locators, commands, a session ID, a caller ID, and/or any ofthe other identifying information discussed herein. This message isoptionally sent via a third communication channel between Access Device110A and CRM System 120A, e.g., a communication channel specifically forSMS messaging. The message sent to Application Logic 270 is optionallysent to a caller ID number or other identifier received as a result of acall made using the first communication channel.

Enhancement Logic 375 is optionally configured to keep both the firstcommunication channel and the second communication channel open at thesame time. This allows, for example, a user of Access Device 110A tocommunicate via voice with a customer service agent, while at the sametime the customer service agent can control operation of Access Device110A and/or a device locally connected thereto. Enhancement Logic 375 isoptionally configured to direct the first and second communicationchannels to the same human customer service agent and/or the same AgentInterface 330. In some embodiments, Enhancement Logic 375 is configuredto provide a link to Access Device 110A, the link being configured toprovision all or part of Application Logic 270 to Access Device 110A.

CRM Systems 120 optionally further includes Account Identification Logic380. Account Identification Logic 280 is configured to associate anidentifier of Access Device 110A with an account of a user of AccessDevice 110A. This association is based on the various data received viathe second communication channel. For example, if a user's account isindexed using a username or an e-mail address, the account may notinclude a user's telephone number. When a call is received from AccessDevice 110A the caller ID of this call may not be sufficient toautomatically look up the caller's account. However, when the caller IDor information (session ID) identifying the call made via the firstcommunication channel is received from Application Logic 270 via thesecond communication channel, the caller ID can be associated with theaccount information received via the same communication channel. Theassociation is optionally saved in Client Data Storage 310 so that thenext time a call is received from Access Device 110A the user's accountcan be automatically retrieved.

CRM System 120A typically further includes a Microprocessor 390configured by the addition of computing instructions to executeAuthentication Logic 320, Forwarding Logic 350, Enhancement Logic 375,and/or Pipeline Logic 360.

FIG. 4 illustrates methods of managing a customer service request,according to various embodiments of the invention. In these methodsautomatic authentication of an access device, e.g., Access Device 110A,is achieved by receiving digital identification data from the accessdevice and ratifying the digital identification data using GateKeeper125. Following authentication of the access device, access and/or use ofsecure customer data is enabled. The methods illustrated in FIG. 4 areoptionally performed using CRM System 120A and GateKeeper 125.

In a Receive Request Step 410, a request to communicate is received atCRM System 120A from Access Device 110A, This request may be in the formof a phone call, an Internet chat session (voice, video and/or text),and/or the like. The request is optionally generated by an applicationon Access Device 110A. This application (e.g., Authentication Agent 235)may be configured to communicate both voice and digital data, e.g., toCRM System 120A. In some embodiments, the request

In an optional Call Back Step 413, a “callback” is received at AccessDevice 110A from CRM System 120A. Call Back Step 413 is not needed, forexample, when a customer service agent is immediately available at CRMSystem 120A. The callback may occur at a scheduled time or when the nextcustomer service agent is available. Whether a callback is required ornot, associated data and voice channels are opened between Access Device110A and CRM System 120A. These channels are associated in that theendpoints for each are fixed and changes in these endpoints can only bechanged under the control of CRM System 120A (e.g., by AuthenticationLogic 320 or Forwarding Logic 350). A customer service agentcommunicating with a user of Access Device 110A is assured that thevoice and data channels both originate at the same Access Device110A—such that authentication over the data channel can be used toauthorize communication over the voice channel. Call Back Step 413 isoptionally facilitated by Scheduling Logic 265 and Pipeline Logic 360.

In an optional Session ID Step 415, a session ID is assigned to therequest to communicate, e.g., to the communication session. The sessionID typically includes a temporary value that expires when thecommunication session is terminated. In Session ID Step 415 the assignedsession ID is optionally communicated to Access Device 110A.

In an optional Manual Authentication Step 420, Access Device 110A and/ora user of Access Device 110A is authenticated by a customer serviceagent. This authentication may be accomplished by the customer serviceagent asking the user one or more questions. Manual Authentication Step420 is optionally performed in parallel to or prior to automatedauthentication of Access Device 110A. For example, Manual AuthenticationStep 420 may be performed in parallel with Steps 425-445 discussedbelow.

In an optional Provide Data Step 425, less secure or unsecured customerdata is provided to Access Device 110A and/or to a customer serviceagent. This data includes information that does not requireauthentication of the Access Device 110A or the user thereof. Forexample, Provide Data Step 425 may include providing a customer name,account number and address to a customer service agent. Provide DataStep 425 may also include providing questions to the customer serviceagent, the questions being configured for manual authentication of thecustomer.

In an optional Send Request Step 430, a request for digitalidentification data is automatically sent to Access Device 110A. SendRequest Step 430 is optional when the digital identification data isreceived along with the request in Receive Request Step 410. At AccessDevice 110A, this request is typically received by Authentication Logic320.

In a Receive DI Data Step 435, the requested digital identification datais received at CRM System 120A or GateKeeper 125 from Access Device110A. As noted elsewhere herein, the requested digital identificationdata may include biometric data, a unique device identifier, apassword/PIN, and/or the like. The digital identification dataoptionally includes a combination of these data types to achievemulti-factor authentication. The digital identification data isoptionally received in an encrypted form.

In a Provide DI Data Step 440, the digital identification data receivedin Receive DI Data Step 435 is provided to GateKeeper 125 forratification. In embodiments wherein GateKeeper 125 is within CRM System120A, Provide DI Data Step 440 may merely include transfer of the databetween subroutines.

In a Receive Ratification Step 445, a ratification of the digitalidentification data is received from GateKeeper 125. This ratificationcompletes an authentication of Access Device 110A. Note that if aratification occurs on Access Device 110A using Access Control 220, thenReceive DI Data Step 435 and Provide DI Data Step 440 are optional. Theratification received in Receive Ratification Step 445 is received fromAuthentication Agent 235 and may be based on a ratification performed byAccess Control 220.

In a Provide Secure Data Step 450, secure customer data is provided toAccess Device 110A and/or Agent Interface 330. Note that Provide SecureData Step 450 can occur after either manual or automated authenticationof Access Device 110A. Some embodiments require both manual andautomated authentication prior to granting access to particularly securecustomer data. In some embodiments automated authentication of AccessDevice 110A is achieved before an agent is included in thecommunication. In these embodiments, the agent need not spend time onauthentication processes or may merely activate an authenticate requestcommand.

FIG. 5 illustrates further details of Pipeline Logic 360, according tovarious embodiments of the invention. Pipeline Logic 360 isdistinguished, in part, by the ability to authenticate Access Devices110 before the service request is received by a customer service agent.This authentication provides additional information that can be used tomanage customer service requests. For example, the authentication can beused to automatically retrieve user account information, a callbacknumber, a user's service history, a user's calendar, and/or the like.The operation and functionality of Pipeline Logic 360 is described withreference to FIG. 6.

FIG. 6 illustrates Request Pipelines 610, according to variousembodiments of the invention. Request Pipelines 610 are virtualrepresentations of lists of Customer Service Requests 615 (individuallydesignated 615A, 615B, etc.) Each of Request Pipelines 610 is assignedto one or more Customer Service Agents 620 (individually designated620A, 620B, etc.) Customer Service Requests 615 are received at a TriageZone 625 of Request Pipelines 610, from which they are sorted in tospecific members of Request Pipelines 610. Request Pipelines areindividually designated 610A, 610B, etc. Request Pipelines 610 andTriage Zone 625 are virtually representations of the processing ofCustomer Service Requests 615. In actual practice the Customer ServiceRequests 615 include data structures and data characterizing eachrequest. The position of an individual member of Customer ServiceRequests 615 within the virtual structures illustrated in FIG. 6 can berepresented by an ordered set of pointers, tags indicative of order,memory location, and/or the like. For example, the location of CustomerService Request 615F in FIG. 6 may represent a data tag indicating thatit has been assigned to Request Pipeline 610C and a pointer indicatingthat it is in the third position within this queue. Customer ServiceAgents 620 represent human service agents and/or their respectivecomputing devices. Typical embodiments include a greater number ofCustomer Service Requests 615, Request Pipelines 610 and CustomerService Agents 620 than are illustrated in FIG. 6.

Referring to FIGS. 5 and 6, Pipeline Logic 360 includes Agent AssignmentLogic 510. Agent Assignment Logic 510 is configured for assigningCustomer Service Agents 620 to members of Request Pipelines 610. Toaccept Customer Service Request 615, each of Request Pipelines 610 hasat least one Customer Service Agent 620 assigned. As illustrated amember of Request Pipelines 610 may have one, two or more CustomerService Agents 620 assigned thereto. A particular member of CustomerService Agents 620 may be assigned to more than one of Request Pipelines610.

In some embodiments, Agent Assignment Logic 510 is configured todynamically assign Customer Service Agents 620 to Request Pipelines 610in response to profiles of the Customer Service Agents 620 and thereal-time status of Request Pipelines 610. This assignment can includethe creation (allocation) and destruction (deallocation) of RequestPipelines 610. Examples of the criteria that may be used to selectCustomer Service Agent 620B for assignment to Request Pipelines 610A or610B include: load balancing, workday schedule (e.g., breaks and timeon/off) of Customer Service Agent 620B, skills and/or expertise ofCustomer Service Agent 620B, classification of the Request Pipelines610A or 610B, number of scheduled Consumer Service Requests 615(scheduled callbacks) assigned to Customer Service Agent 620B, otherCustomer Service Agents 620 available, and/or the like. For example,Customer Service Agent 620B may be authorized to reset passwords foronline customers and may be assigned to Request Pipeline 610A because itis classified to include password requests. Customer Service Agents 620Bmay be assigned to Request Pipelines 610 automatically or manually.

Pipeline Logic 360 typically further includes Sorting Logic 520. SortingLogic 520 is configured to receive Customer Service Requests 615 andassign these requests to specific members of Request Pipelines 610.Typically, each of Customer Service Requests 615 is assigned to a singleone of Request Pipelines 610 on a 1-to-1 basis. The assignment ofCustomer Service Requests 615 is based, at least in part, on theclassification of each of Request Pipelines 610. Request Pipelines 610are classified by request type. For example, different members ofRequest Pipelines 610 may be classified as including Customer ServiceRequests 615 for account balances, for technical service, for passwordchanges, for new accounts, for sales, etc. The purpose of a CustomerService Request 615 may be determined by a source of the request, by thecustomer selections made in a menu, by data entered on a web page, byparsing narrative text, by a destination address (e.g., URL or telephonenumber) of the request, and/or the like. A member of Request Pipelines610 may have multiple classifications. Sorting Logic 520 is typicallyapplied while a request is in the Triage Zone 625 illustrated in FIG. 6.

The assignment of Customer Service Requests 615 to one of RequestPipelines 610 is optionally based on whether the source of the requesthas been authenticated or not. For example, Request Pipeline 610B may beclassified to receive Customer Service Requests 615 from authenticatedsources and Request Pipeline 610C may be classified to receive CustomerService Requests 615 from unauthenticated sources. The authenticationstatus of Customer Service Request 615A can change over time. If thisoccurs, the request may be transferred from one of Request Pipelines 610to another of Request Pipelines 610.

If the source of Customer Service Request 615D is authenticated, theninformation regarding the account of a user may be used to assign therequest to a specific member of Request Pipelines 610. This informationregarding the account may only be available for authenticatedsources/users. For example, the financial information or service historyof a user may be available after authentication. VIP customers may haveaccess to special Request Pipelines 610. This information can be used bySorting Logic 520 to assign Customer Service Request 615D to aparticular member of Request Pipelines 610. For example, the request maybe assigned to a pipeline associated with a Customer Service Agent 620that the requestor has dealt with previously, a Customer Service Agent620 qualified to serve customers with an account balance in a certainrange, and/or the like.

Pipeline Logic 360 typically further includes Ordering Logic 530.Ordering Logic 530 is configured to manage the order of Customer ServiceRequests 615 in Request Pipelines 610. For example, Ordering Logic 530is configured to hand off the Customer Service Requests 615 in afirst-in-first-out (FIFO) manner. Exceptions to the FIFO management ofrequests that are found in various embodiments are: 1) the insertion ofscheduled callbacks into the Request Pipelines 610; 2) giving priorityto Customer Service Requests 615 from automatically authenticatedsources; and/or 3) giving priority to transferred Customer ServiceRequests 615. Ordering Logic 530 is optionally configured to dynamicallymodify the order of Customer Service Request 615 within Request Pipeline610. Factors that can be used to determine order include, transferredcalls, repeat calls, authentication of source, priority (VIP) customerstatus, account value, account balance, and/or the like.

A scheduled call-back is scheduled for a specific time or time range.Call-backs are based on Customer Service Requests 615 that are notimmediately serviced and requested by the customer to occur at aspecific time or within a time range. As noted elsewhere herein,Scheduling Logic 265 may be used to schedule a call-back. In FIG. 6,scheduled Customer Service Requests 615 are indicated by a solid circlewhile non-scheduled Customer Service Requests 615 are indicated by anopen circle. In some embodiments, the source of a Customer ServiceRequest 615 must be authenticated before a call-back can be scheduled.

The authentication of a source of Customer Service Request 615E canoccur when Customer Service Request 615E is first received, whenCustomer Service Request 615E is in Triage Zone 625 and/or when CustomerService Request 615E is in one of Request Pipelines 610. In someembodiments, Customer Service Request 615E may be moved from one ofRequest Pipelines 610 to another of Request Pipelines 610 based onsuccessful authentication of its source.

Pipeline Logic 360 typically further includes Estimation Logic 540.Estimation Logic 540 is configured to estimate the times that resolutionof a Customer Service Requests 615 will take. For Example EstimationLogic 540 may estimate that resolution of Customer Service Request 615Awill take 5 minutes. The estimation of how long servicing a request willtake can depend on the same criteria used to place a request in one ofRequest Pipelines 610. Further, the estimation may be based on whetheror not a source of the Customer Service Request 615 has beenauthenticated. Typically, requests from authenticated sources areexpected to take less time than requests from un-authenticated sources.Further, the estimation may be based on historical request resolutiontimes of a particular member of Customer Service Agents 620. Estimatesmade by Estimation Logic 540 are used to predict when a particularCustomer Service Agent 620 will be available to respond to a scheduledCustomer Service Request 615.

Pipeline Logic 360 typically further includes Scheduling Logic 265. Asnoted elsewhere herein, Scheduling Logic 265 is configured forscheduling a call-back. This scheduling may be automatic and be based onpredicted availability of one or more Customer Service Agents 620A. Theoperation of Scheduling Logic 265 is illustrated by FIG. 7. FIG. 7illustrates a Customer Schedule 710 and an Agent Schedule 720. Hashmarks are meant to indicate unavailable times. Customer Schedule 710 maybe derived from, for example, an outlook or Google calendar of thecustomer making the Customer Service Request 615. The Customer Schedule710 may be derived from data retrieved from the source of the request.Agent Schedule 720 is derived from the schedules of one or more CustomerService Agents 620. Unavailable times are those for which no qualifiedCustomer Service Agents 620. The Unavailable times may be based onestimates made using Estimation Logic 540, work schedules, previouslyscheduled call-backs, and/or the like. Scheduling Logic 265 isconfigured to automatically identify one or more Common Available Times730 that are available on both Customer Schedule 710 and Agent Schedule720. As discussed elsewhere herein, the Common Available Times 730 areoptionally presented to the requestor.

FIG. 8 illustrates methods of managing Customer Service Requests 615,according to various embodiments of the invention. These methods may beperformed using CRM System 120. The steps illustrated may be performedin a variety of alternative orders.

In a Create Pipeline Step 810 one or more Request Pipelines 610 iscreated. The created Request Pipelines 610 are each associated withspecific characteristics to be used to determine if a specific CustomerService Request 615 should be placed in that Request Pipeline 610. Asdiscussed elsewhere herein, these characteristics can include whetherthe source of the request has been authenticated, an identity of thecustomer making the request, data provided by the customer, etc.

In some embodiments, Create Pipeline Step 810 is automatically performedif a Customer Service Request 615 is received that does not match thecharacteristics of any currently available pipeline. The created RequestPipeline 610 may be represented in CRM Systems 120 by allocated pointersand/or allocated memory locations. Create Pipeline Step 810 is optionalin instances where any needed Request Pipelines 610 are alreadyallocated.

In an Assign Agents Step 820 one or more Customer Service Agents 620 areassigned to the Request Pipelines 610 created in Create Pipeline Step810. As noted elsewhere herein, this assignment may be based oncharacteristics of the pipeline, authority, work schedule, and/orworkload of the Customer Service Agents 620, number of Customer ServiceRequests 615 currently pending, etc. Assign Agents Step 820 is optionalin embodiments in which Customer Service Agents 620 are previouslyassigned to current Request Pipelines 610. Assign Agents Step 820 isoptionally performed using Agent Assignment Logic 510.

In an optional Receive Event Step 823 information regarding an event isreceived by Notice Logic 370. As discussed elsewhere herein, the eventmay be a change in travel schedule, an appointmentavailability/cancellation, a business offer (a sale), or any otheroccurrence that could result in a customer service request. The eventcan be received from a third party system and/or detected by NoticeLogic 370 by monitoring a remote data source. The event information isoptionally received as a text or SMS message and can include an eventidentifier, a timestamp, location, metadata, a text description of theevent, event data (e.g., flight number or stock price), sourceinformation, etc.

In an optional Provide Notice Step 826 notice of the event received inReceive Event Step 823 is provided to one or more of Access Devices 110.The notice can include any of the information that was received with theevent. The notice can also include a menu customization generated basedon any of the menu customization factors discussed elsewhere herein.Specifically, the notice typically includes a menu customizationconfigured to give a user an option to make a customer service requestand/or to take other actions in response to the event. Such actions mayinclude rescheduling an appointment or trip, speaking with a customerservice agent, scheduling a callback, making a financial transaction,etc. Provide Notice Step 826 is performed using Notice Logic 370.

In various embodiments the timing and or content of notice provided inProvide Notice Step 826 is dependent on characteristics of a customer,availability of a customer service agent, a delivery or serviceschedule, and/or the like. Provide Notice Step 826 optionally includessending notices to customer service agents, the notices requesting thatthey become available to handle customer service requests.

In a Receive Request Step 830 a Customer Service Request 615 is receivedfrom one of Access Devices 110. Receive Request Step 830 is anembodiment of Receive Request Step 410. The customer service requestreceived in Receive Request Step 830 is optionally in response to anotice of an event provided in Provide Notice Step 826. For example, thecustomer service request may be initiated by a customer's selection in acustomized menu that was included in a notice of an event.

In an optional Create Menu Step 833 a menu customization is created inresponse to the customer service request received in Receive RequestStep 830. The menu customization may be created by Notice Logic 370,Authentication Logic 320, and/or Request Logic 365. As describedelsewhere herein, the menu customization may include a fully customizedmenu or changes to a default menu. The menu customization can be basedon characteristics of a customer (e.g., user of Access Device 110A),availability of a customer service agent having a specific specialty, anexpected wait in Request Pipeline 610A, possible automated solutions tothe customer service request (e.g., automated rebooking of travel), adelivery or service schedule, and/or the like.

In an optional Provide Response Step 835 a response to the customerservice request received in Receive Request Step 830 is provided. Theresponse is typically provided to the member of Access Devices 110 fromwhich the customer service request was received, e.g., Access Device110A. The response optionally includes a menu customization created inCreate Menu Step 833 and/or a command configured to control AccessDevice 110A via Application Logic 270. The command may be configured torequest input from the user of Access Device 110A, to activate inputhardware on Access Device 110A, and/or to perform any of the otheroperations discussed herein.

The response is optionally sent in response to an action by a humancustomer service agent at Agent Interface 330. Specifically, in ProvideResponse Step 835 a customer service agent may execute an input on AgentInterface 330 that causes a command and menu customization to be sent toApplication Logic 270. Thus, the customer service agent has directcontrol over the function and operation of Access Device 110A.

The customer service agent may require that the customer provideauthentication data, a menu selection, an approval, and/or otherinformation. Specifically, the response may include a request for anelectronic signature, a fingerprint, a password, a photograph, a screencapture, and/or the like. The request may be in response to a real-timeevent, one or more characteristics of the customer, an authenticationstatus of the customer (e.g., how well the customer has beenauthenticated), a location of Access Device 110A, a priority of thecustomer, and/or the like.

In an optional Receive User Input Step 838, a user input is received inresponse to Provide Response Step 835. The user input can include any ofthe information requested/required in Provide Response Step 835. Forexample, the user input can include a menu selection, biometric data, aconfirmation/authorization, and/or the like.

The user input received in Receive User Input Step 838 is optionallyprocessed by Application Logic 270 prior to being communicated to CRMSystem 120A. For example, Application Logic 270 may be used to compare afingerprint received in real-time to previously stored fingerprint data,and to report results of this comparison to CRM System 120A. Likewise, acustomer's answer to an authentication question can be compared with apreviously stored answer, by either Application Logic 270 orAuthentication Logic 320.

Create Menu Step 833, Provide Response Step 835 and Receive User InputStep 838 may occur at any time in the method illustrated in FIG. 8.

In an Authenticate Step 840 the source of the received Customer ServiceRequest 615 is authenticated. The authentication may be performed asdescribed elsewhere herein, for example, using Access Device 110A, CRMSystem 120A, and/or the steps illustrated in FIG. 4. Either or both theperson (requestor) making the request and the Access Device 110 fromwhich the request is sent may be authenticated.

In a Sort Request Step 850 the Customer Service Request 615 received inReceive Request Step 830 is assigned to one of Request Pipelines 610.This assignment is based on, for example, whether the request has beenauthenticated, information provided by the requestor, characteristics ofthe Request Pipelines 610, and/or any other of the criteria discussedherein. Sort Request Step 850 is optionally performed using SortingLogic 520. Once placed in one of Request Pipelines 610, the position ofthe request within the queue is managed using Ordering Logic 530.

In an optional Schedule Call-back Step 860 a call-back for the CustomerService Request 615 is scheduled using Scheduling Logic 265. Thescheduling is based on Agent Schedule 720 and optionally on CustomerSchedule 710. Schedule Call-back Step 860 may make use of estimates oftimes required for a Customer Service Agent 620 to answer CustomerService Requests 615. For example, Scheduling Logic 265 may consider howlong answering the Customer Service Request 615 for which a call-back isbeing scheduled will take to assure that the Customer Service Agent 620is available for enough time. In another example, Scheduling Logic 265may use an estimate of how long an unscheduled Customer Service Request615 will take to assure that one of Customer Service Agents 620 isavailable for a scheduled call-back.

In an optional Provide Ad Step 870 Advertising Server 130 is used toselect and provide an advertisement to the source (e.g., member ofAccess Devices 110) from which the Customer Service Request 615 isreceived. The selection of the advertisement is optionally based oninformation available only after the source is authenticated inAuthenticate Step 840. For example, the advertisement selection may bebased on the balance of a bank account or on a customer service requesthistory of interactions between the source and CRM System 120A. Asdiscussed elsewhere herein, the advertisement may be presented onDisplay 215. Provide Ad Step 870 optionally occurs while the CustomerService Request 615 is waiting in one of Request Pipelines 610.

In a Provide Service Step 880 the requested customer service is providedto one of Customer Service Agents 620, who then provides the requestedservice. This step typically occurs when the associated Customer ServiceRequest 615 reaches the final position in one of Request Pipelines 610.As discussed elsewhere herein, the service provided may make use of dataavailable (only) because the source of the request has beenauthenticated. Steps 833, 835 and/or 838 are optionally included inProvide Ad Step 870 and/or Provide Service Step 880.

FIG. 9 illustrates methods of enhancing a communication channel,according to various embodiments of the invention. These methods areoptionally performed using the systems disclosed elsewhere herein. Theenhancement occurs by adding at least a second communication channelhaving enhanced communication functionality relative to a first,original, communication channel. The second communication channel may beestablished using account information that was not available to theestablishment of the first communication channel. In some embodiments, arelationship is established between a caller ID number of an accessdevice and other account identifiers. The methods illustrated may beused to provide customer service to a user, or may be used to getweb/cloud based services starting with a phone call or text message.

The steps illustrated in FIG. 9 are described with reference to FIG. 10.FIG. 10 illustrates the use of several communication channels betweenAccess Device 110A and a Server 1010, according to various embodimentsof the invention. Server 1010 may be any server configured to provideweb/cloud services, and/or may include an embodiment of CRM System 120A.Server 1010 may include a system in which an API is configured toprovide services to a remote client based on an expert system or othercomputing instructions (without necessarily or initially including ahuman agent). For example, the steps illustrated in FIG. 9 may allow auser to contact an airline reservation system starting with a simplecall or text message. The communication between the user and the systemis enhanced such that the user can use their mobile device to interactwith the API of an automated reservation server and, when the userdesires, the user can also interact with a human agent. The interactionwith the human agent may be over the first and/or second communicationchannels. The user may interact with both the human agent and the API(application program interface) at the same time.

Referring to FIG. 9, in a Receive 1^(st) Communication Step 910, a firstcommunication is received from a client, e.g., from Access Device 110A.The first communication may be received at Server 1010 or in apeer-to-peer situation at another member of Access Devices 110. Thefirst communication is received via a first Communication Channel 1020,which is optionally a voice channel with limited functionality. Forexample, the first communication may be a PTSN or voice over IP call.

In an Identify Client Step 915, a source of the first communication isidentified based on information received from the client via the firstcommunication channel. In various embodiments, the information is acallerID number, MAC address, IP address, and/or the like. Theinformation received may not be sufficient to positively identify anaccount of a user. For example, if the user's account is indexed using ausername or e-mail address, the account data may not include a telephonenumber.

In a Send Data Step 920, activation data is sent to the client. Theactivation data is configured to control an application, e.g.,Application Logic 270, on the client. The activation data typicallyincludes an identifier of the first communication and/or the informationreceived from the client via the first communication channel. Forexample, the activation data may include the callerID of Access Device110A or a sessionID of the first communication. The activation data isconfigured to cause Application Logic 270 to open a second CommunicationChannel 1030 between Access Device 110A and Server 1010. This secondCommunication Channel 1030 typically includes enhanced communicationfunctionality relative to the first Communication Channel 1020.

Send Data Step 920 optionally includes opening a third CommunicationChannel 1040 between Access Device 110A and Server 1010. For example, ifthe activation data is sent via an SMS message than an SMS channel maybe opened based on a callerID identified in Identify Client Step 915. Insome embodiments, Send Data Step 920 is not performed if the informationreceived via the first communication channel 1020 is sufficient toidentify the account of a user.

In a Receive 2^(nd) Communication Step 925, a second communication isreceived from the client via the second Communication Channel 1030. Thesecond communication is initiated using an application executing on theclient in response to the activation data. For example the secondcommunication may be initiated by Application Logic 270 in response tocommands received in an SMS or MMS message received by Access Device110A via third Communication Channel 1040.

In a Communicate Step 930, data is communicated between Access Device110A and Server 1010 via the second Communication Channel 1030. Thisdata may be directed to CRM System 120A and/or to an embodiment ofServer 1010 configured to provide web/cloud services. For example, thedata may include communications between Application Logic 270 and anautomated reservation system executing on Server 1010. Note that usingthe steps illustrated in FIG. 9, access to web/cloud services can beinitiated by a telephone call or text message from an enabled mobiledevice. These services can include provisioning of all or part ofApplication Logic 270 on Access Device 110A.

In an optional Authenticate Step 935, the second Communication Channel1030 is used to provide authentication and/or other services discussedherein. These services can include, for example, those illustrated inFIGS. 4 and 8.

Several embodiments are specifically illustrated and/or describedherein. However, it will be appreciated that modifications andvariations are covered by the above teachings and within the scope ofthe appended claims without departing from the spirit and intended scopethereof. For example, the “customer service agent” discussed hereincould be a “sales agent” or other personnel. While flights and otherspecific use cases are used in some of the examples herein, these it isintended that these examples may be adapted to any type of service thatmay involve access to a customer service agent, scheduled events,delivery, measurable provision of services, and/or the like. While manyof the examples discussed herein include a client-server relationshipbetween devices, these examples may be adapted to peer-to-peerrelationships. For example, any combination of the features taught to beincluded in CRM System 120A are alternatively included in an instance ofAccess Devices 110 such that instances of Access Devices 110 interact ina peer-to-peer relationship.

The embodiments discussed herein are illustrative of the presentinvention. As these embodiments of the present invention are describedwith reference to illustrations, various modifications or adaptations ofthe methods and or specific structures described may become apparent tothose skilled in the art. All such modifications, adaptations, orvariations that rely upon the teachings of the present invention, andthrough which these teachings have advanced the art, are considered tobe within the spirit and scope of the present invention. Hence, thesedescriptions and drawings should not be considered in a limiting sense,as it is understood that the present invention is in no way limited toonly the embodiments illustrated.

Computing systems referred to herein can comprise an integrated circuit,a microprocessor, a personal computer, a server, a distributed computingsystem, a communication device, a network device, or the like, andvarious combinations of the same. A computing system may also comprisevolatile and/or non-volatile memory such as random access memory (RAM),dynamic random access memory (DRAM), static random access memory (SRAM),magnetic media, optical media, nano-media, a hard drive, a compact disk,a digital versatile disc (DVD), and/or other devices configured forstoring analog or digital information, such as in a database. Thevarious examples of logic noted herein can comprise hardware, firmware,or software stored on a computer-readable medium, or combinationsthereof. A computer-readable medium, as used herein, expressly excludespaper. Computer-implemented steps of the methods noted herein cancomprise a set of instructions stored on a computer-readable medium thatwhen executed cause the computing system to perform the steps. Acomputing system programmed to perform particular functions pursuant toinstructions from program software is a special purpose computing systemfor performing those particular functions. Data that is manipulated by aspecial purpose computing system while performing those particularfunctions is at least electronically saved in buffers of the computingsystem, physically changing the special purpose computing system fromone state to the next with each change to the stored data. The logicdiscussed herein may include hardware, firmware and/or software storedon a non-transient computer readable medium. This logic may beimplemented in an electronic device to produce a special purposecomputing system.

What is claimed is:
 1. A communication server device comprising: anagent interface configured for a human agent to communicate between theagent interface and a remote client; enhancement logic configured toreceive a communication from the remote client via a first communicationchannel and to automatically execute application logic on the remoteclient, the application logic being configured to open a secondcommunication channel between the remote client and the server deviceusing an identifier of the remote client, the second communicationchannel having an enhanced communication functionality relative to thefirst communication channel, the enhancement logic being furtherconfigured to execute the application logic on the remote client bysending a command via a third communication channel; accountidentification logic configured to associate the identifier of theremote client with an account of a user of the remote client; and aprocessor configured to execute at least the enhancement logic.
 2. Thedevice of claim 1, wherein the command sent via the third communicationchannel is sent using the identifier of the remote client received viathe first communication channel.
 3. The device of claim 1, wherein theenhanced communication functionality includes an ability to send datausing packets via TCP/IP protocols.
 4. The device of claim 1, whereinthe enhanced communication functionality includes an ability to senddata using an internet protocol address.
 5. The device of claim 1,wherein the agent interface is further configured for the human agent toinitiate a request for information from the remote client, and furtherincluding request logic configured to send the request to the remoteclient and to receive a response to the request, the request including acommand.
 6. The device of claim 1, wherein the agent interface isfurther configured for the human agent to send commands to theapplication executing on the remote client.
 7. The device of claim 1,further comprising authentication logic configured to authenticate auser of the remote client via the second communication channel.
 8. Thedevice of claim 1, further comprising account identification logicconfigured to associate the identifier of the remote client with anidentifier of an account of the user, wherein the identifier of theaccount of the user is received from the remote client via the secondcommunication channel.
 9. The device of claim 8, wherein the identifierof the account is an e-mail address or a username.
 10. The device ofclaim 8, wherein the identifier of the remote client is a telephonenumber.
 11. The device of claim 1, wherein the enhancement logic isconfigured to keep both the first communication channel and the secondcommunication channel at the same time.
 12. The device of claim 1,wherein the enhancement logic is configured to direct the secondcommunication channel to a human agent, the human agent being incommunication with the remote client via the first communicationchannel.
 13. The device of claim 1, wherein the enhancement logic isconfigured to download the application logic to the remote client. 14.The device of claim 1, wherein the enhancement logic is configured toexecute the application logic on the remote client using an SMS or MMSmessage.